Visit The New, Modern Unix Linux Community

Linux and UNIX Man Pages

Test Your Knowledge in Computers #712
Difficulty: Medium
On a large scale, the ability to treat instructions as data is what makes assemblers, compilers, linkers, loaders, and other automated programming tools possible.
True or False?
Linux & Unix Commands - Search Man Pages

k5login(5) [centos man page]

K5LOGIN(5)							   MIT Kerberos 							K5LOGIN(5)

k5login - Kerberos V5 acl file for host access DESCRIPTION
The .k5login file, which resides in a user's home directory, contains a list of the Kerberos principals. Anyone with valid tickets for a principal in the file is allowed host access with the UID of the user in whose home directory the file resides. One common use is to place a .k5login file in root's home directory, thereby granting system administrators remote root access to the host via Kerberos. EXAMPLES
Suppose the user alice had a .k5login file in her home directory containing the following line: bob@FOOBAR.ORG This would allow bob to use Kerberos network applications, such as ssh(1), to access alice's account, using bob's Kerberos tickets. Let us further suppose that alice is a system administrator. Alice and the other system administrators would have their principals in root's .k5login file on each host: alice@BLEEP.COM joeadmin/root@BLEEP.COM This would allow either system administrator to log in to these hosts using their Kerberos tickets instead of having to type the root pass- word. Note that because bob retains the Kerberos tickets for his own principal, bob@FOOBAR.ORG, he would not have any of the privileges that require alice's tickets, such as root access to any of the site's hosts, or the ability to change alice's password. SEE ALSO
kerberos(1) AUTHOR
1985-2013, MIT 1.11.3 K5LOGIN(5)

Check Out this Related Man Page

.K5LOGIN(5)							File Formats Manual						       .K5LOGIN(5)

.k5identity - Kerberos V5 client principal selection rules DESCRIPTION
The .k5identity file, which resides in a user's home directory, contains a list of rules for selecting a client principals based on the server being accessed. These rules are used to choose a credential cache within the cache collection when possible. Blank lines and lines beginning with '#' are ignored. Each line has the form: principal field=value ... If the server principal meets all of the field constraints, then principal is chosen as the client principal. The following fields are recognized: realm If the realm of the server principal is known, it is matched against value, which may be a pattern using shell wildcards. For host- based server principals, the realm will generally only be known if there is a domain_realm section in krb5.conf with a mapping for the hostname. service If the server principal is a host-based principal, its service component is matched against value, which may be a pattern using shell wildcards. host If the server principal is a host-based principal, its hostname component is converted to lower case and matched against value, which may be a pattern using shell wildcards. If the server principal matches the constraints of multiple lines in the .k5identity file, the principal from the first matching line is used. If no line matches, credentials will be selected some other way, such as the realm heuristic or the current primary cache. EXAMPLE
The following example .k5identity file selects the client principal alice@KRBTEST.COM if the server principal is within that realm, the principal alice/root@EXAMPLE.COM if the server host is within a servers subdomain, and the principal alice/mail@EXAMPLE.COM when accessing the IMAP service on alice@KRBTEST.COM realm=KRBTEST.COM alice/root@EXAMPLE.COM host=* alice/mail@EXAMPLE.COM service=imap SEE ALSO
kerberos(1), krb5.conf(5) .K5LOGIN(5)

15 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

ALERT!!! ALERT!!! I messed up the UNIX!!!

Hello If you want a short description read my last thread! I have no root access anymore. No remote access! By user access i get a programm started and when i close it, i got logged off! So I guess I messed up the passwd file! is there a chance of booting a unix system (SCO-UNIX UnixWare... (15 Replies)
Discussion started by: Fwurm
15 Replies

2. UNIX for Advanced & Expert Users

Logging in and then su to root

We have several people that log in using root. What I need to do is have everyone to log in using there own account then su to root. How would I do this. We have aix 4.2 (5 Replies)
Discussion started by: eyounes
5 Replies

3. Solaris

sshd (openssh) on SunOS without root privileges

Hi, I've just managed to install openssh in my home directory on a server I have access to by using --prefix=$HOME/local after ./configure. Another thing I was having trouble with without root access was privilege separation, so I disabled that in my sshd_config. However, when I run... (10 Replies)
Discussion started by: sayeo
10 Replies

4. UNIX for Dummies Questions & Answers

Restrict user access to their home dir

Hi! i'm using FreeBSD 6.2 and hosting my pc to frens in particular of sensitive information being saved to the PC, i would like to know is it possible for me to restrict user access to their /home dir. only? and also, i wanted to restrict them listing files under /etc thanks all! (10 Replies)
Discussion started by: rdns
10 Replies

5. Shell Programming and Scripting

replace space or spaces in a line of a file with a single :

I am searching while I await a response to this so if it has been asked already I apologize. I have a file with lines in it that look like: bob johnson I need it to look like: I am trying to use sed like this: sed -e 's/ /:/g' file >... (5 Replies)
Discussion started by: NewSolarisAdmin
5 Replies

6. Shell Programming and Scripting

sed or awk for arithmetic task

I have file with this type of format 01.02.09 08:30 bob jill mark 01.04.09 07:00 bob jill mark tom I want to count the names after the date /ime line (01.02.09 08:30) and add that number after the time like this 01.02.09 08:30 3 01.04.09 07:00 4 I don't care about... (6 Replies)
Discussion started by: marcelino
6 Replies

7. Shell Programming and Scripting

Help With Script

I need a bash script that every day at 4 am verifys the home user directory for the next entrys - Registers all user action in root/login/checl.log - Excluds UID inferior then 500 and that home/dev/null - Create's the the user home directory if it does not exist - guarantees that the the home... (8 Replies)
Discussion started by: nogame11
8 Replies

8. UNIX for Advanced & Expert Users

audit user commands of different users under root account

Hi, I would like to know if there is anyway that I can pinpoint the user before/after he connects to the root? Also, I'm trying to find out what are the commands he inputs under root access. (6 Replies)
Discussion started by: pointgetter0
6 Replies

9. Ubuntu

Root directory not available!

I am using Ubuntu 10.10. I want to access root home directory (~) through GUI and want access to its content. I login from administrator who is the only login user and have all rights for it. I can access the content through terminal but can't do it through GUI. Remedy my problem (5 Replies)
Discussion started by: nixhead
5 Replies

10. AIX

Switch user(su) two times

Is it possible to switch to root(if allowed) and then with root privileges switch to another user account "ABC"? To further explain the scenario, ABC is an account which has sugroups=su2DEF and root is not part of su2DEF group. but, given that root can switch to any account(correct me if I am... (7 Replies)
Discussion started by: mtwain
7 Replies

11. Solaris

how to su - from non root acount to non root account

HI i am trying to give su access to some users say X Y and Z to a account AB . I am able to give them su access to root with the help of sudoers file but i want to give them password less access to AB account which i am not able to do . I want to this when user X fires "su - AB" he is not... (9 Replies)
Discussion started by: rishiraaz
9 Replies

12. Shell Programming and Scripting

Timeout in shellscripting

#!/bin/sh for ip in $(cat /root/Desktop/ftp.txt) do HOST=$ip USER='bob' PASS='bob' ftp -n $HOST <<EOF user bob bob EOF echo "$ip" done the Above code i want to use check and verify login works on multiple ftp servers on my network. However the ftp servers are dynamic in setup... (5 Replies)
Discussion started by: Noledge
5 Replies

13. Solaris

Access Denied

Hi All, I have a root access for one of the server. But, when i try to cd one particular directory i will get the access denied message. Even though that particular directory is created under root. What would be the cause for this? I really wonder if any one have answer for my... (20 Replies)
Discussion started by: Sricharan21
20 Replies

14. Shell Programming and Scripting

How to get index values for multiple matches in the same line with awk?

Hi, I know that echo "bob alice robert alice" | awk '{print index($0,"alice")}' 5Will output the index of the first alice match, is there any way to get the index of all matches?, eg: echo "bob alice robert alice" | awk 'unknown magic' 5:18Thanks for your time. (6 Replies)
Discussion started by: chilicuil
6 Replies

15. UNIX for Advanced & Expert Users

Vendor root access

(7 Replies)
Discussion started by: hburnswell
7 Replies

Featured Tech Videos